Police Refer Teenaged Crackers For 'Second Chance' Jobs at Cyber-Security Company

This week the BBC reported on teenaged "hackers dragged from a world of crime to fight for the other side" at "a fairly ordinary looking cyber-security company" in southwest England. Bruce66423 shared their report: Bluescreen employs hackers the authorities have deemed worthy of a second chance, who pit their wits against some of the anonymous online criminals they used to see as brothers in arms... Bluescreen IT has a direct link with the police to find hackers in need of direction. These are young men who have been accused of serious crimes, but instead of being taken through the criminal justice system, they've been given a second chance. About 15 people work in the Security Operations Centre, a handful of whom have been referred to the company as hackers who aren't malicious in nature and are deemed capable of reform...

There's a relaxed atmosphere when you walk into the Security Operations Centre, but it's serious work. Three monitors on the wall detail which of Bluescreen's clients are being attacked, and how serious the threat is. The clients, mostly smaller and medium-sized businesses from around the South West, are given codenames like "Black Mamba" or "Green Starfish" -- usually a colour and an animal... Bluescreen sees itself as a place to develop young people, give them a second chance, and be a haven for those with nowhere else to go. "It makes me really proud when they achieve industry-recognised qualifications," said the company's chief operating officer, Richard Cashmore.
A 16-year-old named Jack stole personal information from about 1,000 people. Years later, when he was 19, "the police sent five squad cars, a tech team and a riot van to his home.... Another employee, Cameron, was arrested on his way to school when he was just 14 years old. "Officers from the National Crime Agency had planned the sting so that Cameron would be out of the house, and unable to destroy his hard drives in the event he heard them coming."

As "apprentices" they start at £650 a month, reports the BBC, but "after five years of experience they could easily be earning close to £50,000 a year."

Re:Next: Drug dealers diverted to pharma sales

[drinkypoo]

This is surely not the same as diverting people convicted of dealing drugs into pharma sales jobs. But why is it not the same?

Same gig, different risks. Either way you're selling drugs to people who want them but don't know why, and are largely ignorant of the risks involved. Both are generally morally bankrupt. Well, there is one difference. If someone only sells cannabis products, they're not harming anyone. At worst, they're providing false hope. Big pharma drugs actually kill people.

Re:"after five years" "£50,000 a year."

[quantaman]

So basically they're indentured servants, because five years of cyber security experience on top of what they already knew would make them bank on the open market.

That's how you get your slaves. Throw the book at young kids and make them work cheap for you for a decade or more.

That's 65k USD, which actually isn't bad considering that they probably don't have degrees and have criminal records. And they don't seem to be bound to this company, it's just one of the few companies that will hire them in a technical role given that they don't have degrees and have criminal records.

And lets face it "teenaged crackers" aren't the ones finding zero-day exploits. These were kids deploying pre-built rootkits or hacking tools, or using social engineering attacks. They need some basic technical competency, but their biggest asset is largely just a bunch of specialized knowledge.

I think my biggest issue with this is:
a) A lot of the kids didn't seem to realize they were doing something especially wrong, even though if they were enabling things like identity left that can seriously ruin people's lives. It's a hard question figuring out the appropriate punishment for stuff like that.

b) Some of them do seem pretty bright, professional experience is good and you can get a pretty good career going straight into the industry. But I suspect a lot would really benefit from a post-secondary education.